The U.S. Department of Justice has indicted two hackers linked to Russia's Federal Security Service (FSB), accusing them of conducting a years-long cyberespionage campaign targeting government officials. The Justice Department on Thursday charged FSB intelligence officer Ruslan Aleksandrovich Peretyatko and information technology worker Andrey Stanislavovich Korinets with trying to hack into the computers of employees of multiple U.S. government agencies, including the Departments of Defense and Energy, between October 2016 and October 2022.

The indictment also alleges that the conspirators, publicly known as "CallistoGroup," targeted military and government officials, think tank researchers and staff, and journalists in the United Kingdom and elsewhere using sophisticated spear-phishing emails that purported to be from email providers and suggested that users had violated terms of service.

According to the Justice Department's indictment, the emails contained malicious domains created by the Callisto Group to obtain victims' credentials, allowing the conspirators to gain unauthorized access to the victims' accounts and obtain "valuable intelligence," including intelligence related to U.S. defense, foreign and security policy.

According to the Ministry of Justice, information obtained "from some of these targeted accounts" was also leaked to Russian and British media ahead of the 2019 UK general election as part of a hacking and leak disinformation campaign.

Earlier on Thursday, the UK government announced that it had also uncovered "continued unsuccessful attempts" by the Federal Security Service to interfere with the UK's political process and sanctioned Peretyatko and Korinets for spear-phishing and related activities that "resulted in unauthorized access and exfiltration of sensitive data with the aim of damaging UK organizations and, more broadly, the UK government".

The UK's National Cyber ​​Security Center (part of GCHQ) said the hackers were "almost certainly affiliated" with Russia's FSB and selectively leaked the information they obtained "in line with Russia's confrontational objectives, including undermining trust in politics in the UK and similar countries".

The U.S. Treasury Department also announced sanctions against Peretyatko and Korinec, and the U.S. State Department also offered a reward of $10 million for clues to identify the two men's identities and whereabouts.

The Callisto Group is tracked by Microsoft as "StarBlizzard" and by the Google Threat Analysis Team as "ColdDriver". It is known for its long-term espionage activities against NATO countries, especially the United States and the United Kingdom. In May 2022, Google researchers attributed a hacking leak operation to the group that stole and leaked a large number of emails and documents from senior Brexit supporters, including Sir Richard Dearlove, the former head of the British foreign intelligence agency MI6.